AP Cybersecurity Unit 1

Eavesdropping

Occurs when a hacker intercepts data that is transmitted between two devices.

On-Path Attack

Type of cyberattack where the attacker

positions themselves between two

communicating devices to intercept and

potentially alter their communication.

Credential Harvesting

Type of malicious activity where threat actors

steal login information (usernames

and passwords)

Injection

Occur when attackers exploit vulnerabilities in

an application to inject malicious code into a

system.

Dos/DDos

Dos attack uses a single source to overwhelm a system with traffic, while a Distributed Denial of Service (DDoS) attack uses multiple sources (a botnet)

Reconnaissance

The attacker researches about their target — like names, emails, or systems — often using publicly available sources called open source intelligence.

Initial Access

They find a way into the system, often by tricking someone or using weak or stolen passwords.

Persistence

The attacker sets up a way to keep getting in, even if the system restarts or passwords change.

Lateral Movement

They move around the network, trying to reach more valuable parts or gain higher-level access.

Taking Action

The attacker does what they came to do — steal data, shut things down, or cause damage.

Evading Detection

They try to cover their tracks by deleting logs or hiding files so no one knows they were there.

Script Kiddies

low skilled adversaries who rely on malicious code and tactics developed by others. They are typically motivated by money and a desire for recognition.

Hacktivists

adversaries who are motivated by a cause, such as the environment or social causes. They believe that their end goal justifies their illegal methods.

Insider Adversary

an adversary who is a member of the organization being attacked.

Cyberterrorists

adversaries who are motivated by politics or beliefs and seek to launch cyber attacks that disrupt an entire community, region, or nation. They can act independently or on behalf of a government or criminal organization.

Transnational Criminal Organizations

adversaries that seek financial gain primarily through the deployment of ransomware and by stealing corporate intellectual property and selling it in illegal markets.

State Adversaries

adversaries that are employed by a government to carry out cyber attacks to achieve its strategic aims.

Pretexting

The attacker invents a believable scenario or identity to trick the target into revealing sensitive information.

Authority

The attacker pretends to be someone in a position of power to pressure the target into following instructions.

Intimidation

The attacker uses fear, threats, or consequences to coerce the target into acting quickly or giving up information.

Consensus

The attacker suggests that others have already agreed or participated to make the target feel social pressure.

Familiarity

The attacker builds false trust by pretending to be someone the target knows or shares something in common with.

Scarcity

The attacker claims that something is in short supply to make the target feel they must act before it’s gone.

Urgency

The attacker pressures the target by creating a fake deadline or emergency to prompt quick, uncritical action.